In certain circumstances the stack protection feature can be rendered ineffective, leaving the protected function vulnerable to stack-based buffer overflows.
||24th December 2020
||Arm Compiler 5.01 to 5.06u6 inclusive, if code is compiled with the options:
||An undetected stack overflow can lead to a function return address being overwritten, potentially causing a crash or hang or allowing an attacker to gain control over program execution.|
|This issue is fixed in Arm Compiler 5.06u7. Users are recommended to upgrade if they are impacted by this issue.
||Thanks to Nico Golde of Apple for reporting this vulnerability.